Microsoft Intune Reviews

We use Intune to connect university staff and faculty to secure resources on their computers quickly.  

Intune is a force multiplier coming directly from Active Directory. We had to engineer over some limitations of Active Directory, and Intune resolves that by addressing known trouble areas. It allows us to do things quicker and more efficiently. 

We like Intune's Autopilot functionality, which enables one-touch deployment. Dynamic grouping is another feature we find valuable working in academia. We have people in buckets based on their roles in the university, such as faculty, staff, alum, or grad. Sometimes, they will fit into multiple places, and dynamic grouping helps with that. So far, using Intune has been easy and intuitive. Once everything is set up, our user base finds it much easier and more modern.

We've recently purchased Copilot licenses for Intune, but we've only had it for a week or two. It's a new deal for Syracuse, but it has been good so far. It moves quickly. You can see that it's constantly learning, and I love that. Today is the dumbest it will ever be. It's going to continue getting better and better. Even when we're wowed, we understand that more "wow" will come. 

It has some growing pains, but they are no different from anything new. We're implementing Intune on an individualized data set. So there's no way Copilot can know everything about every data set it's going to get, but it does grow pretty quickly, which is phenomenal. 

It would be awesome if Microsoft opened their API so we could filter more properties. If we have to do anything outside of Intune that requires a third-party solution to talk back to it, we're very limited in what we can do. Trust your people. We promise not to break your stuff. Open it up just a tiny bit wider.

We started using Microsoft Intune about a year and a half ago. We transitioned our fleet from Active Directory to Azure Active Directory. Then, we took that hybrid and shifted it into Intune for our MDM solution.

Intune is solidly reliable. Microsoft has some peaks and valleys that you need to get used to. Stability is essential when transitioning from on-prem to the cloud, where Microsoft manages your infrastructure. There have been a few drops in performance, but that's more growing pains from our rapid expression than an indicator of major problems.

Scalability is fantastic. 

I am a technician, so when I'm reaching out about problems I cannot solve myself, they tend not to be tier-one or tier-two problems. When I contacted Microsoft, they had the same expertise, if not more, which is phenomenal because I felt heard and my problem was solved. That is delightful because I have contacted support for other solutions. After trying several troubleshooting steps, I contacted them, and they asked me to restart something. I have gone beyond that point and tried to tell you where I am. 

Positive

We previously used Active Directory and spec ops for software deployment, with Active Directory handling computer and user management. Intune was a natural progression for MDM. For Mac users, we still use Jamf but plan to transition them to Intune as support for Apple products grows.

It is absolutely a positive investment. Everything we've gained from it makes my job easier day after day, and I see value in it as an engineer.

I am not involved in those discussions. We worked hard to acquire E5 licensing, and Microsoft collaborated well with the university to ensure everyone got what they needed.

We are managing different platforms including iOS, Android, and Windows using Microsoft Intune. We are not supporting Mac. For Mac, our organization uses JAMF Pro. 

We use Microsoft Intune for application deployment, creating compliance policies for organizational devices and BYOD devices, creating configuration profiles, managing users, and troubleshooting for end users' enrolled devices. I provide level two technical support for end users.

My favorite feature of Microsoft Intune is the dashboard. The dashboard is very simple and user-friendly. Any person, even without prior knowledge, can understand it easily by seeing the interface dashboard. Everything is available in one place. 

For example, if you go to devices, all platforms will be shown. When you select one platform, such as Windows, everything will be on the same page, including application deployment, configuration profiles, compliance policies, future updates, and enrollment types. Anyone can easily understand it when compared to the SCCM tool.

For platforms such as iOS, Android, and Windows, Microsoft Intune is very good. When it comes to Mac, everyone uses JAMF Pro for patching and upgrading. I suggest they can improve Mac-related features and platform-related features. We cannot manage servers in Microsoft Intune because it is completely cloud-based.

The main issue with Microsoft Intune is that for Windows, we can support only Windows 10 and 11 operating systems. We cannot deploy large application files. For that, our organization uses SCCM only. We also cannot manage older versions of devices from Microsoft Intune, such as Windows 7, Windows 8, and Windows 9, as it does not support them.

I have been using Microsoft Intune for the last three years.

Everything is good with Microsoft Intune. They are releasing many updates recently. Previously, we were using Company Portal for deployment. Now, they have introduced web-based enrollment. 

Without the Company Portal, a user can directly register the device by using the Outlook application. In the last two years, they have introduced many changes. The performance and everything is good with Microsoft Intune. For us, Microsoft Intune responds very well. They handle it and provide us with complete data without any issues. Follow-ups are also very good.

We mostly connect with Microsoft whenever we are unable to resolve issues. 

We can check with Microsoft subject matter experts. We log an incident and check with the Microsoft subject matter expert. Based on the priority of the incident, if we create a priority one incident, they try to get in touch within one to two hours. 

They assign one agent who connects with our architect. They try to help us with the root cause analysis of the issue. Mostly, it takes some time because they need to examine all the logs. Root cause analysis takes considerable time to find the exact solution. 

For Microsoft Intune support, I give an eight out of ten. While they are SMEs who can fix issues quickly, the cases we have raised with Microsoft take too much time, which affects end users and the organization.

Positive

One person is required for the deployment of Microsoft Intune, though it depends on the requirement.

When it comes to pricing, Microsoft Intune is very good compared to other tools such as Tanium, Ivanti, and JAMF. Those are very high-cost tools. 

Microsoft Intune is less costly when compared to them and provides many features and benefits. On a single E3 or E5 subscription, a user can enroll ten to 15 devices. A single user can enroll 15 devices. They can access company resources such as Outlook, Teams, and everything without any issues.

Copilot in Microsoft Intune was recently introduced. I am working as L2 L3 support. We are using Microsoft Copilot. We are testing Microsoft Copilot for troubleshooting issues in a non-real-time environment. We are testing it for normal cases, such as Microsoft blogs or when new issues arise for users. 

If a client asks to deploy multiple applications, then a team will be required. Our client is a US-based health sector company, and we are users of Microsoft Intune without any partners. 

I rate Microsoft Intune nine out of ten.

I use Microsoft Intune on corporate devices as well as bring your own devices. It is always within an enterprise environment. I deal with industries such as manufacturing and health.

Microsoft Intune provides a more secure way by offering MFA policy, conditional access policies, and R-back policies. I can set up all my GPO policies, and Microsoft is moving these features to Microsoft Intune.

I could not discuss all the areas that need improvement due to time constraints. However, there are definitely challenges that could be addressed.

I have been using Microsoft Intune for around five to six years.

I rate Microsoft support between six to eight. The support often involves third parties hired by Microsoft who are knowledgeable, but sometimes the help I receive is not adequate.

Neutral

I previously used Blackberry until it was discontinued, which led me to switch to Microsoft Intune.

The setup is not difficult. The deployment time depends on the project specifics.

I rate the return on investment for Microsoft Intune as seven out of ten.

The pricing and licensing depend on my company's budget. If the company can afford it, it is manageable.

Overall, I would rate Microsoft Intune as eight out of ten.

Other

We use Microsoft Intune to manage mobile devices for our parent company and our independent subsidiaries. These devices are not directly corporate-owned but belong to individuals or subsidiaries with whom we work. We enroll both their and our corporate devices in Intune to manage policies, ensure optimal security settings through compliance reviews, and deploy a VPN client for secure access to our internal network resources.

Microsoft Intune has provided valuable insight into the status of our independent computers, which previously lacked a management agent and had no standardized security policies. We could not enforce password expiration policies, hardened passwords, or even minimum password requirements, with some users relying on six-character passwords. By enrolling these devices in Intune, we have enforced more robust security measures, such as a minimum eight-character password length, and gained visibility into device compliance to ensure adherence to best security practices for data protection.

The Intune user experience is good, especially with the many improvements made to the web interface over the years. It has always been designed as a simpler interface than Configuration Manager, and Microsoft has done a good job in achieving this goal.

Dynamic groups are more efficient than static groups, which require manually adding members. This was cumbersome, especially when onboarding new people, as it necessitated manually adding them to the appropriate groups. Dynamic groups allow us to set conditions for automatic membership, eliminating the need for user intervention or manual review and ensuring a seamless workflow.

Microsoft Intune's app deployment presents challenges for non-MSI and non-store apps, particularly EXEs, requiring the use of a Win32 wrapper tool and adding overhead to the process. Additionally, deploying device-specific installers, such as VPN clients, is complicated by the inability to target users directly, necessitating knowledge of device names that may not be readily available. Furthermore, the web interface lacks detailed information for MDM-enrolled devices, such as the user's UPN, requiring the use of Graph Explorer API and necessitating Global Admin consent to access device properties. Enhancing app deployment, enabling user-targeted device application deployment, and improving the web interface, particularly for MDM-enrolled devices, by providing comprehensive device information and customizable columns, would significantly streamline Intune's usability.

Microsoft Intune should enhance flexibility and features to better match the granularity available in systems like SCCM.

I have been using Microsoft Intune for over five years.

Microsoft Intune has been stable, and I have not noticed any specific stability issues. While we've encountered problems with other services like Exchange, Intune has remained unaffected.

Scaling Intune is challenging due to the various device types we manage. Our parent company's mobile devices were already enrolled, and we've added our independent Windows devices, with plans to include corporate devices soon. A key hurdle is the lack of visibility into user attributes in Intune, hindering our ability to create dynamic groups effectively. Ideally, we want to automatically segregate devices based on user properties like primary use, but currently, dynamic groups seem limited to device properties. This forces manual group assignment after user enrollment, which is inefficient and reliant on user notification. Improved dynamic group functionality, particularly the ability to leverage user attributes, would significantly streamline device management.

Customer support has been reasonable overall. However, there have been cases, such as issues with BitLocker recovery keys, where support was less effective, leading to multiple hand-offs and delays.

Neutral

Before Intune, the independent devices were unmanaged without any agent. For corporate devices, we previously used SCCM.

The initial deployment of Microsoft Intune was fairly straightforward, despite a few challenges due to our unusual configuration of two on-premise domains syncing to our Azure tenant. This dual user sync caused issues because some users remained on the older domain, leading to conflicts when automated systems modified on-premise account attributes. These modifications triggered Azure to switch the sync to the other account, resulting in login failures for users with cached credentials from the old account. While we've mostly identified the cause and the fix, we still encounter this issue occasionally.

The deployment was handled in-house. Our organization benefited from having skilled personnel and guidance from our parent company.

The return on investment includes successfully distributing applications like a VPN client and Office 365. As a result, independent devices now have better application access, encouraging even non-enrolled entities to request Intune enrollment.

We considered Tanium for managing independent devices, but it's a comprehensive endpoint management tool with more functionality than we needed. Management felt it would introduce unnecessary overhead. Since all our corporate devices are currently managed with Intune, adding independent devices would require segregation. Ultimately, we opted for Intune due to its ease of use, allowing us to create targeted policies from scratch.

I would rate Microsoft Intune a seven out of ten.

Public Cloud

Microsoft Azure

I use Microsoft Intune to check if laptops are compliant or not, and to check if applications are added to user profiles. Sometimes there are applications users cannot find in the Company Portal or on their laptops, so we try to add them to their profiles. We can check if there are issues with Windows updates and verify if they have the latest version. We can check by hostname or serial number of the laptop if a user's computer is compliant or has access to the enterprise company platform resources.

The best features of Microsoft Intune include helping to know if computers are configured correctly and if users have access to apps or the platform. It provides an excellent overview of all machines for the company and helps determine if those machines are facing issues. It is particularly helpful when laptops face issues with upgrading or migrating to Windows 10 or Windows 11.

Automation has room for improvement in Microsoft Intune for fixing some errors. The knowledge and database in support can also be improved. If errors aren't in the database, we need to check forums or Google to understand and troubleshoot them. The most important improvement needed for Microsoft Intune is to have a comprehensive database about what each error means exactly and what steps to take for troubleshooting.

I have been using Microsoft Intune for about four years.

The stability of Microsoft Intune rates at nine out of ten.

Microsoft Intune has saved approximately 30% of time.

Users are mostly satisfied with Microsoft Intune because it helps them understand what's happening on their laptops. For some issues, I can assist depending on Microsoft Intune access. When comparing Microsoft Intune with other tools, the pricing is acceptable and it's easy to use. I recommend Microsoft Intune; it should be used in companies using Windows. I rate Microsoft Intune eight out of ten.

On-premises

I use Microsoft Intune to manage devices and Windows, including Linux and macOS. It provides a zero-touch experience for provisioning mobile devices like iOS, iPad, Android, and macOS. It offers security and serves as a management tool where multiple products can be managed.

Microsoft Intune helps me manage devices and Windows, including Linux and macOS. It provides a zero-touch experience for provisioning mobile devices like iOS, iPad, Android, and macOS. It offers security and acts as a management tool where multiple products can be managed. Having all endpoint and security management tools in one place reduces the IT department's workload, making provisioning devices faster compared to traditional methods.

The reporting part needs improvement, and it would be beneficial if it could integrate with third-party tools instead of just Power BI. Additionally, the inventories could be enhanced.

I have ten years of experience working with Microsoft Intune. I also have experience with Jamf Pro, which I have used for four years.

I can give Microsoft Intune a ten out of ten for stability.

I can give Microsoft Intune a nine out of ten for scalability.

Customer service is good, and I would rate it nine out of ten.

Positive

I did not use any other solution before Microsoft Intune.

The initial setup was conducted in-house, and no external integrator or consultant was used.

We did not use an integrator or consultant; everything was done in-house.

Microsoft Intune is a cost-saving solution, reducing IT department workload and allowing for faster device provisioning compared to traditional methods. However, I am not sure about the exact savings per month or year.

I find the price somewhat affordable.

I never evaluated any other options before choosing Microsoft Intune.

My advice is to improve the reporting capabilities and integrate with third-party tools. I rate the overall solution nine out of ten.

Public Cloud

Other

We use Microsoft Intune to manage mobile devices and distribute software. It helps us securely manage multiple vendors and operating systems.

Intune makes our organization more secure and flexible. We can onboard new employees faster and more securely. We are a governmental organization with strict regulations, and Intune helps us comply with those requirements.

The most valuable feature for us is mobile device management because it allows us to use multiple vendors and operating systems securely. I don't use Intune directly. My teams have used it, and I don't get any complaints about the user experience. 

Intune Suite's enterprise application management has made my life a little more difficult because now I know the kind of applications circulating in my organization. On the other hand, we started a program to fix the problem, and Intune helps us by providing us with insights.

Copilot helps because you can use the prompt to ask questions about the Intune-managed environment. That shortens the time we spend on reporting and that kind of stuff. Our analysis will be more efficient.

We would like to see the ability to use multiple personas on a device, similar to Samsung Knox, included in future updates.

I have used Intune for the two years I have worked for my company, but the company has been using it for longer. 

Intune's scalability is excellent. We are not a large company—only around 2,000 employees— and Intune handles our needs well.

Customer service used to be better, but as we are nearing the end of the contract, the focus on investing in us as a customer has diminished. It is what one would expect in such a situation.

Positive

Deploying Intune was difficult for me, but we have a deployment manager who handles it. 

We used multiple consultants, including Capgemini and KPN. Our experience with Capgemini has been positive due to a long-term relationship.

It is hard to quantify the ROI in hard metrics, but using Intune allows faster onboarding, increased flexibility, and more insight into device and software usage.

We are a governmental organization, so we can get discounts. Considering our environment, we get good value. 

I rate Microsoft Intune eight out of 10. Microsoft Intune fits well into our architecture, and they are developing new features like Copilot. It has contributed to the seamless integration with our existing setup.

Hybrid Cloud

We use Intune to manage endpoints as a centralized enterprise solution. Instead of relying on Active Directory or an on-premise system, we directly manage employee devices using Microsoft Intune. Intune, a cloud-based SaaS product, simplifies endpoint management. From a user perspective, it's an improvement. Users no longer need to be on the office network. They can set up their devices anywhere with an internet connection, whether at home or another location.

Security is also enhanced. By using Intune as a mobile device management solution, we can implement security controls and restrictions on endpoints. Intune helps us achieve a balance between user experience and security.

Managing remote employee devices with Microsoft Intune is easy. Intune acts as a central platform for deploying controls, policies, and applications to our endpoints. It simplifies the delivery of these configurations to our remote workforce.

Intune simplifies our mobile application management. Once implemented across the organization, it will eliminate our reliance on on-premises solutions. Previously, managing endpoints required using our System Center Configuration Manager. Now, Microsoft offers a unified solution called Microsoft Endpoint Manager. Intune, a key component of this suite, allows for convenient device enrollment over the internet, streamlining endpoint organization.

Intune helps bring our endpoints and security management tools into one place.

Consolidating endpoints and security management tools simplifies IT and security operations. This unified approach offers a single solution or console for all tasks. Role-based access control ensures each administrator only sees and modifies what's relevant to their role. For example, the security team can access Intune solely for security-related functions, while the patch management team has its own set of permissions. This centralized management is significantly easier to handle than using multiple third-party tools. Intune provides a comprehensive solution where everyone can configure settings – security, endpoints, controls, etc. – within a single platform.

Intune offers endpoint visibility and IT control across various device platforms. It simplifies troubleshooting and device management compared to other solutions. Intune excels in providing a comprehensive solution. We can manage applications, security controls, and patching processes all within Intune. This eliminates the need to rely on three separate solutions. With Intune, everything is consolidated into a single platform, allowing for combined reporting and streamlined issue resolution.

Enrolling endpoints with Intune is a breeze! The overall user experience is excellent, easily a nine out of ten.

There are three critical features of Intune for maintaining our devices' security. Endpoint encryption ensures data on the device is scrambled even if it's lost or stolen. Intune supports BitLocker encryption for Windows devices and file-level encryption for Mac devices. Defender is a comprehensive security solution that helps protect devices from malware, viruses, and other threats. Compliance policies in Intune allow us to define security requirements for devices. These policies can enforce encryption, complex passwords, and other security settings. If a device doesn't meet the compliance policy, it can be restricted from accessing organizational resources. Intune can also send notifications to users or administrators when a device becomes non-compliant.

In the initial stages of migrating from our on-premises solution to Intune, we relied on device compliance policies. We configured these policies to require the latest antivirus signatures, specifically targeting developer devices. This ensured compliance and minimized the risk of non-compliance impacting their work. While compliance policies were initially used, we've since transitioned to Microsoft Defender, which now plays a major role in our device security strategy.

Intune's application deployment feature has significantly improved efficiency in our IT department. As one of its key functionalities, Intune allows deployment of a variety of applications with different extensions, such as .DXE or .MSI files. However, for applications requiring custom license scripts, batch files, or executables, Intune provides its own Windows app deployment toolkit. This toolkit facilitates the conversion of these files into a format compatible with the Intune app store and its update system.

The user interface is easy to navigate. Microsoft provides monthly updates that introduce new features. Previously, they provided pie chart visualizations for complaint and policy control status reports. These have been transitioned to standard chart formats. Overall, the UI continues to improve with each Microsoft update.

Company-owned devices are subject to a different set of policies. These policies may be very strict, restricting certain functionalities, or they may prioritize security above all else. On the other hand, for BYOD programs, we provide users with certain privileges for their mobile devices and laptops. We create a secure, isolated environment in a sandbox to manage the devices within that environment. Security is a major consideration for both BYOD and company-owned devices.

Intune has increased our IT productivity for patching and security by around 15 percent.

Microsoft Intune helps our organization reduce the risk of security breaches by eight percent by deploying zero-day patches in conjunction with Defender and Sentinel.

Intune has helped us consolidate vendors with the driver deployment and onboarding.

We manage configurations for Microsoft 365, co-managed devices, Azure, Defender security controls, and DLP controls within Intune. This centralized platform allows us to configure roughly 80 percent of these services and controls in a single location.

A valuable feature is user enrollment, where users can enroll their devices in their organizations themselves. This streamlines the process and saves IT time.

Another key benefit is zero-day productivity. During enrollment, the user has access to the applications and settings the organization needs them to have, making them ready to work immediately. Intune essentially pre-configures the device based on the user and organization during enrollment.

Finally, Intune offers easy patch management for various endpoints, including Windows 10, 11, and Macs. Deploying upgrades and monthly patches is significantly simpler compared to other solutions, both from Microsoft and third-party vendors.

The current Intune reporting functionality could benefit from some improvements. Specifically, a report that tracks patch deployment status would be valuable. Ideally, I'd like a report that provides device-level details on applications and controls deployed. However, it seems like other organizations might be more interested in control-centric reports, showing details like what control was deployed, the number of devices affected, and other relevant device data. Overall, reporting is the area where we're encountering the most challenges with Intune.

I've been using Microsoft Intune as a comprehensive solution for the past six years. While I had some experience with it before 2019, it was limited to mobile device management. Since 2019, I've been managing the full Intune suite as an administrator, overseeing Windows endpoints, Mac endpoints, Android and iOS.

I would rate the stability of Microsoft Intune eight out of ten.

Microsoft Intune excels in scalability, earning it a nine out of ten rating. It empowers organizations to migrate to the cloud and manage all their endpoints seamlessly. This includes a wide range of platforms like Windows, macOS, mobile devices, and even Linux. Intune simplifies endpoint management by offering a centralized solution for all these platforms.

The response time and technical knowledge of the support team is not what it used to be.

Neutral

We previously used an on-premises solution, Microsoft Endpoint Manager, to manage our devices. The pandemic necessitated a shift to the cloud.

The initial deployment of Intune can be complex because it is linked to Microsoft Entra, which itself is a complex product. This complexity depends on the desired outcome. Intune's deployment complexity hinges on whether users will enroll their devices themselves or if the IT team will enroll them and grant access. A proper pre-assessment is crucial to determine if Intune's complexity aligns with our desired outcome.

Our deployment took two months to complete because of the internal security approvals we required.

Three administrators were required for the deployment.

The price for Intune is fair.

I would rate Microsoft Intune eight out of ten. There are some improvements concerning the reports and there are other design-related concerns that we are looking at in Intune.

We don't have the tunnel option because we primarily work in a restricted computer environment. Our organization uses Microsoft Intune to manage applications within a dedicated sandbox environment. We perform frequent updates to ensure everything is current.

During the initial onboarding process, we encountered some challenges, and multiple teams were involved in resolving them. For example, users from India might experience issues like broken URLs or restricted access due to their ISPs. Similarly, in China, certain URLs might be blocked by some internet service providers. To address these issues, we initially involved additional administrators from each region on the administrative side. However, we've since transitioned to a centralized management structure with a core team of five to six members overseeing the entire organization.

We maintain a separate development Intune environment for User Acceptance Testing specific to the Asia Pacific region. Since our production environment is also located in Asia Pacific, we essentially have two Intune instances: one for development and one for production. We also have around 290,000 devices.

We have a team of five Intune administrators. The only maintenance required for Intune is the updates.

I recommend Microsoft Intune.

Based on the number of users and devices you're enrolling, I recommend having separate UAT and production Intune environments for larger deployments. For simpler environments, a single Intune license is sufficient to manage your devices and integrate with your Enterprise and Microsoft 365 solutions.

Public Cloud

Microsoft Azure